sqlinject-finder 介绍
sqlinject-finder是一个简单的python脚本,它可以查找pcap数据包中的GET和POST数据,寻找可能存在和可疑的SQL
注入点。SQL注入检测规则可以非常容易的添加。输出能够被整齐的打印在命令行中或者以制表符分隔的方式打印。sqlinject-finder的输出包
括以下几项:
- The suspicious IP address
- The attacked webpage
- The parameter and value used
- The frame number of the packet within the pcap (can be used to find exactly where the packet is in Wireshark)
- The reason why the request was flagged